I have had two WordPress blogs hacked into formerly. That was in a time when I was doing almost no internet marketing, and until I found time to handle the situation (weeks later), these sites were penalized in the main search engines. They were not eliminated the evaluations were reduced.
Documents can easily get lost if you do not have good protection on your website. A few of those files may be saved in your computer and easily replaceable, but what about the rest of them? Where are you going to get them from again, if you lose them the first time? For sites which have been in business for quite a long time, fix wordpress malware removal is vital. Many times, long-term sites have created a high number of files and have a good deal of data. Recreating all of that are a nightmare, and not something any business owner wants to do.
It will start with the basics. Try to use passwords. Use spaces, numbers, special characters, and letters and combine them to make a unique password. You can also use usernames that are not obvious.
Exploit Scanner goes seeking anything suspicious through the files on your site place, comment and database tables. You are also notified my review here by it for plugin names that are odd. It doesn't remove anything, it warns you for possible threats.
What if you visit WP-Content/plugins, can you web see that folder? If so, upload that blank Index.html file into that folder as well so people can't see what plugins you might have. Someone can use that to get access because if your existing version of WordPress is up to date, if you're using a plugin or an old plugin continue reading this using a security hole.
However, I advise that you install the Login LockDown plugin instead of any.htaccess controls. Login requests will stop from being allowed after three failed login attempts from a certain IP address for an hour. If you do so, you may access your admin panel while and yet you have protection against hackers.